[squid-dev] Peek and splice
Alex Rousskov
rousskov at measurement-factory.com
Tue Oct 27 19:17:25 UTC 2015
On 10/27/2015 04:05 AM, manojmaybe wrote:
> I use squid 3.5.10 as transparent proxy mode . I used peek and splice mode, i
> try to peek at step1 (SslBump1) and server name is available in SNI go for
> further, also peeked at step2 (SslBump2) for whether we doesn't get server
> name , if server name not get in certificate cn i would like to splice all.
> My squid configuration as follows
>
> ssl_bump bump ssl_bumping_forcesafesearch bump_ips bump_ports
> acl no_server_name_yet ssl::server_name_regex none
> ssl_bump peek step1
> ssl_bump peek no_server_name_yet step2
> ssl_bump splice all
>
> but the configuration not working properly.
> How i solve the above scenario.
I recommend posting this configuration question to squid-users instead
of squid-dev. If you do, consider adding an explanation of which
transactions you want to _bump_. Your email only documents what you want
to splice but your squid.conf rules contain a bump action as well.
It may also help if you reshape your description of the desired
functionality in the form of isolated if-then items rather than a single
sentence.
Alex.
More information about the squid-dev
mailing list